As soon as my website went live with my Xupload forms I've been getting fake forms posted. All required fields are filled out with rubbish spam, and they get through our spam filter as they look like ordinary inquiries apart from the obvious rubbish posted insdie the form.

I've played around with some Javascript code but nothing seems to work, I'm guess the bots are bypassing this and just posting directly to the cgi script.

I also have file uploads as optional in my webforms, so I can't rely on this to stop fake forms.

Is there anything I can add to the backend code or maybe some php I can add to the form, to stop these fake submissions?

I don't really want to use CAPTCHA or anything that involves user intervention, unless it's unavoidable.